Advertisement

A binary map of china.

3 ways China's access to TikTok data is a security risk

The security community weighs in on real-world scenarios in which China or other nations could operationalize data collected by online platforms and how to mitigate the risk.


5g cellular tower

Top 5 security risks of Open RAN

Open RAN enables interoperability among hardware, software, and interfaces used in cellular networks but also changes their attack surface.


adding processor to circuit board computer hardware

New exploits can bypass Secure Boot and modern UEFI security protections

Two research groups demonstrate PC firmware vulnerabilities that are difficult to mitigate and likely to be exploited in the wild.


Advertisement

Conceptual image of a network of executives / silhouettes of executives in motion.

New US CISO appointments, August 2022

Keep up with news of CSO, CISO, and other senior security executive appointments.


conference / convention / audience / applause / clapping

The CSO guide to top security conferences, 2022

Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.


Top cybersecurity products unveiled at Black Hat 2022

Here are some of the most interesting new products launched at Black Hat USA 2022, including zero trust, extended detection and response (XDR), and a host of other threat and vulnerability management offerings.


Close-up shot of an eye and eyewear with binary streams in the foreground.

FTC begins sweeping commercial surveillance and lax data security rulemaking process

While some praise the FTC's efforts, some in Congress worry that it overlaps with and possibly jeopardizes the passing of the American Data Privacy and Protection Act.


secure system / network security policy management

Network mistakes, misconfigurations cost companies millions

Titania research pegs losses from misconfigurations at average of 9% of annual revenue.


An anonymous hooded figure consisting of binary code stands in a virtual corridor of circuits.

What happened to the Lapsus$ hackers?

Despite using methods that are "bold, illogical, and poorly thought out, Lapsus$ has successfully breached companies like Microsoft, Vodafone and Nvidia.


cso security hack breach identity infiltrate gettyimages 653137674 by solarseven 2400x1600px

Cisco admits hack on IT network, links attacker to LAPSUS$ threat group

Cisco says an employee’s credentials were compromised after an attacker gained control of a personal Google account.


Advertisement

lies that people tell themselves pinocchio liar lying by malerapaso getty

How a Venezuelan disinformation campaign swayed voters in Colombia

A Black Hat presentation explains how Russia-aligned Venezuela influenced the presidential election in Columbia to its political benefit.


ransomware attack

Black Basta: New ransomware threat aiming for the big league

The Black Basta ransomware gang has reached a high level of success in a short time and is possibly an offshoot of Conti and REvil.


orange monitors with lock icon network security cyber threat

37 hardware and firmware vulnerabilities: A guide to the threats

Meltdown and Spectre raised the alarm over vulnerabilities that attackers can exploit in popular hardware and its firmware. This list, though not comprehensive, presents the most significant threats.


cloud security

Sensitive data in the cloud gets new automated remediation tool from BigID

An automated watchdog designed to keep private files in cloud storage secure is now available for Google Drive users, from data intelligence and management company BigID.


p1200405

Microsoft urges Windows users to run patch for DogWalk zero-day exploit

Despite previously claiming the DogWalk vulnerability did not constitute a security issue, Microsoft has now released a patch to stop attackers from actively exploiting the vulnerability.